Merge pull request #103902 from pkern/spamassassin

nixos/spamassassin: Avoid network dependency on boot
This commit is contained in:
Luke Granger-Brown 2021-04-25 11:14:57 +01:00 committed by GitHub
commit 2fa2e63932
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 38 additions and 31 deletions

View file

@ -126,19 +126,36 @@ in
}; };
systemd.services.sa-update = { systemd.services.sa-update = {
# Needs to be able to contact the update server.
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
serviceConfig = {
Type = "oneshot";
User = "spamd";
Group = "spamd";
StateDirectory = "spamassassin";
ExecStartPost = "+${pkgs.systemd}/bin/systemctl -q --no-block try-reload-or-restart spamd.service";
};
script = '' script = ''
set +e set +e
${pkgs.su}/bin/su -s "${pkgs.bash}/bin/bash" -c "${pkgs.spamassassin}/bin/sa-update --gpghomedir=/var/lib/spamassassin/sa-update-keys/" spamd ${pkgs.spamassassin}/bin/sa-update --verbose --gpghomedir=/var/lib/spamassassin/sa-update-keys/
rc=$?
v=$?
set -e set -e
if [ $v -gt 1 ]; then
echo "sa-update execution error" if [[ $rc -gt 1 ]]; then
exit $v # sa-update failed.
exit $rc
fi fi
if [ $v -eq 0 ]; then
systemctl reload spamd.service if [[ $rc -eq 1 ]]; then
# No update was available, exit successfully.
exit 0
fi fi
# An update was available and installed. Compile the rules.
${pkgs.spamassassin}/bin/sa-compile
''; '';
}; };
@ -153,32 +170,22 @@ in
}; };
systemd.services.spamd = { systemd.services.spamd = {
description = "Spam Assassin Server"; description = "SpamAssassin Server";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network.target" ]; wants = [ "sa-update.service" ];
after = [
"network.target"
"sa-update.service"
];
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --virtual-config-dir=/var/lib/spamassassin/user-%u --allow-tell --pidfile=/run/spamd.pid"; User = "spamd";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Group = "spamd";
ExecStart = "+${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --virtual-config-dir=%S/spamassassin/user-%u --allow-tell --pidfile=/run/spamd.pid";
ExecReload = "+${pkgs.coreutils}/bin/kill -HUP $MAINPID";
StateDirectory = "spamassassin";
}; };
# 0 and 1 no error, exitcode > 1 means error:
# https://spamassassin.apache.org/full/3.1.x/doc/sa-update.html#exit_codes
preStart = ''
echo "Recreating '/var/lib/spamasassin' with creating '3.004001' (or similar) and 'sa-update-keys'"
mkdir -p /var/lib/spamassassin
chown spamd:spamd /var/lib/spamassassin -R
set +e
${pkgs.su}/bin/su -s "${pkgs.bash}/bin/bash" -c "${pkgs.spamassassin}/bin/sa-update --gpghomedir=/var/lib/spamassassin/sa-update-keys/" spamd
v=$?
set -e
if [ $v -gt 1 ]; then
echo "sa-update execution error"
exit $v
fi
chown spamd:spamd /var/lib/spamassassin -R
'';
}; };
}; };
} }

View file

@ -1,4 +1,4 @@
{ lib, fetchurl, perlPackages, makeWrapper, gnupg }: { lib, fetchurl, perlPackages, makeWrapper, gnupg, re2c, gcc, gnumake }:
perlPackages.buildPerlPackage rec { perlPackages.buildPerlPackage rec {
pname = "SpamAssassin"; pname = "SpamAssassin";
@ -29,7 +29,7 @@ perlPackages.buildPerlPackage rec {
mv "rules/"* $out/share/spamassassin/ mv "rules/"* $out/share/spamassassin/
for n in "$out/bin/"*; do for n in "$out/bin/"*; do
wrapProgram "$n" --prefix PERL5LIB : "$PERL5LIB" --prefix PATH : "${gnupg}/bin" wrapProgram "$n" --prefix PERL5LIB : "$PERL5LIB" --prefix PATH : ${lib.makeBinPath [ gnupg re2c gcc gnumake ]}
done done
''; '';